package edu.zhuoxun.blogserver.controller;

import edu.zhuoxun.blogserver.entity.Permission;
import edu.zhuoxun.blogserver.entity.Result;
import edu.zhuoxun.blogserver.entity.User;
import edu.zhuoxun.blogserver.map.PermissionMapper;
import edu.zhuoxun.blogserver.map.UserMapper;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@Controller
public class LoginController {
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private PermissionMapper permissionMapper;
    @PostMapping("api/login")
    @ResponseBody
    public Result<User> login(@RequestBody User user){
        Result<User> result = new Result<>();
//        User one = userMapper.selectOne(new QueryWrapper<User>().eq("username", user.getUsername()).last(" limit 1"));
//        if (one != null) {
//            if (one.getPassword().equals(user.getPassword())) {
//                result.setCode(200);
//                result.setMessage("登录成功");
//                one.setPassword(null);
//                Subject subject = SecurityUtils.getSubject();
//                subject.login(new UsernamePasswordToken("root", "root"));
//                System.out.println(subject.isAuthenticated());
//                result.setData(one);
//            } else {
//                result.setCode(400);
//                result.setMessage("密码错误");
//            }
//        } else {
//            result.setCode(400);
//            result.setMessage(user.getUsername() + " 未注册");
//        }
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(new UsernamePasswordToken(user.getUsername(), user.getPassword()));
            result.setCode(200);
            result.setMessage("登录成功");
            User principal = (User) subject.getPrincipal();
            principal.setPassword(null);
            result.setData(principal);
        } catch (UnknownAccountException e) {
            result.setCode(400);
            result.setMessage(user.getUsername() + " 未注册");
        } catch (IncorrectCredentialsException e) {
            result.setCode(400);
            result.setMessage("密码错误");
        }
        return result;
    }
    @RequestMapping("api/logout")
    @ResponseBody
    public Result<Object> logout() {
        Result<Object> result = new Result<>();
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        result.setCode(200);
        result.setMessage("登出");
        return result;
    }
    @GetMapping("/api/notLogged")
    @ResponseBody
    public Result<Void> notLogged() {
        Result<Void> result = new Result<>();
        result.setCode(300);
        result.setMessage("未登录");
        return result;
    }

    @GetMapping("/api/permissions")
    @ResponseBody
    public Result<List<Permission>> getPermissions(){
        User user = (User) SecurityUtils.getSubject().getPrincipal();
        List<Permission> permissions = permissionMapper.getPermissionsByUser(user);
        Result<List<Permission>> result = new Result<>();
        result.setCode(200);
        result.setMessage("OK");
        result.setData(permissions);
        return result;
    }
}
